Big Data to Drive Big Intelligence in Cyber Warfare

One of the main themes at the recent RSA conference in San Francisco was the call to action for information security professionals to seek training and help recruit infosec professionals into this rapidly expanding industry.

The United States doesn't have nearly enough people who can defend the country from digital intrusions. We know this because cyber security professionals are part of a larger class of workers in science, technology, engineering, and math (STEM)--and we do not have nearly enough of them, either.

Just last month the Pentagon said it needed to increase the U.S. Cyber Command's workforce by 300 percent--a tall order by any measure, but one that's grown even more urgent since the public recently learned of massive and sustained Chinese attempts at cyber espionage.

What is going on? Do the old security solutions no longer work in protecting our PCs, servers, networks, and databases?

A scary truth seems to be emerging: many of the traditional, older products offered by leading IT security vendors have failed to stop various forms of digital intrusion. Anti-virus software has proven ineffective against the most sophisticated cyber attacks. These, incidentally, are the ones likely to cost the most in terms of damage inflicted or intellectual property lost.

The IT security market will grow to $65 billion this year and is projected to grow at 9 percent annually for the foreseeable future, according to Gartner. This is a heck of a lot faster than the IT industry as a whole. Since large parts of the security market are barely growing, that leaves plenty of opportunity to cash in on new approaches for CISOs to defend their organizations.

So what are CISOs to do? Their plans for defense include not just a multi-layered approach utilizing the best practices and security policies but some new technologies as well.

One such approach involves spotting malware long before it reaches its intended targets. Companies such as Palo Alto Networks and FireEye produce specialized appliances that sit at the gateway to corporate or government networks, looking out for such threats.

Pulling suspicious-looking email attachments and testing them in ring-fenced “sandboxes” before delivery offers the promise of filtering out many malware threats in real time.

Another approach to security starts from the assumption that even the best-secured networks will eventually be penetrated. If the attackers are assumed to be already on the inside, then the focus shifts to identifying their tracks as they move around.

Additionally, the plan calls for making sure an organization's most important digital assets are harder for the intruders to locate and extract, many times through intentional dummy systems that are set up to look like the real system but in fact are just tackling dummies, or in this case hacking dummies.

Lastly, many of the top security vendors have discovered the application of big data techniques to battling security threats. Using pattern-recognition techniques that process massive amounts of data to identify normal types of behavior on a network, in order to spot the anomalies, is becoming mainstream in network security. This is packet-sniffing technology on steroids that looks not only at individual IP packets but across all packets, almost in real time, to identify the patterns of a breach.

The resulting technology is what some CISOs, analysts, and vendors have come to call “big intelligence” in battling cyber attacks.

CIOs and CISOs now have tools that enable better awareness and a clearer understanding of normal network access behaviors and patterns. These are some of the new main lines of defense in network and corporate security.

The number and variety of computing endpoints are growing rapidly as mobile devices and, increasingly, machine-to-machine communications proliferate globally. The growth of the data and processes that are starting to flow out of corporate networks to tap services that live in the cloud is turning the old defensive barriers into digital Swiss cheese.

One thing we know for sure is that no one ever wins in the cat-and-mouse game of cyber warfare, but not maintaining the latest and greatest security techniques will surely lead to digital intrusion and data loss.


Bill has been a member of the technology and publishing industries for more than 25 years and brings extensive expertise to the roles of CEO, CIO, and Executive Editor. Most recently, Bill was COO and Co-Founder of CIOZone.com and the parent company PSN Inc. Previously, Bill held the position of CTO of both Wiseads New Media and About.com.